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REMARKS 

The present Final Office Action maintains the rejection of all pending claims. Applicants 
again respectfully $ubmit that the Office Action has not established a prima facie case of 
anticipation or obviousness. Neither has the Office Action addressed all of Applicants' 
arguments as set forth in its prior Response to Office Action. Applicants further note that, 
although the same references are used to reject the claims, the reasons for some of the rejections 
are different as compared to the prior Office Action thereby constituting a "new grounds" for 
rejection. Accordingly, Applicants request that the rejections be withdrawn and that any 
subsequent Office Action be designated non-Final. See e.g. MP.E.P. § 706.07. 

Sjamroairv off aha Office AciUom 

Claims I, 3-10, and 29-32 remain pending in the application. Claim 31 stands rejected 
under 35 U.S.C. § 102(e) as anticipated by U.S. Patent No. 6,182,142 ("Win"). Claims 1, 3-4, 6- 
8, and 29 stand rejected under 35 U.S.C. § 103 as unpatentable over Win in view of U.S. Patent 
No. 6,470,453 ("Vilhuber"). Claims 5, 9, and 10 stand rejected under 35 U.S.C. § 103 as 
unpatentable over Win in view of Vilhuber and further in view of U.S. Patent No. 6,493,749 
("Paxhia"). Claims 30 and 32 stand rejected as unpatentable over Win in view of Official 
Notice. 

Discussion of the Reietttiom under 35 U.S.C. S 102 

The Office Action rejects claim 31 as anticipated by Win. Applicants respectfully submit 
that the present Office Action has not addressed Applicants' arguments as set forth in its prior 
Response to Office Action, dated February 24, 2004 (the "prior ROA"). The prior ROA 
indicated that the rejection of claim 31 was improper because it failed to indicate that Win 
disclosed each and every limitation recited in that claim. In particular, claim 31 recites deciding 
whether to grant or deny access based upon the step of determining a medium typ e, which 
limitation was not addressed in the prior Office Action's rejection of claim 31. 

The present Office Action does not address this argument and, indeed, makes the very 
same rejection again failing to explain where in the Win reference this limitation is disclosed. 
Because neither the prior Office Action or the present Office Action address all claim 
limitations, a prima facie case of anticipation has not been established and the rejection should 
be withdrawn. See e.g. M.P.E.P. § 2131.01 ("A claim is anticipated only if each and every 
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element is expressly or inherently described in single prior art reference.'*) citing Verdegall 
Bros. v. Union Oil Co. ofCal, 814 F.2d 628 (Fed. Cir. 1987). 

Moreover, and for the same reasons discussed in Applicants' prior ROA. claim 31 is not 
anticipated by Win. Claim 31 recites a user attempting to access a network through a 
communication medium. Claim 3 1 further recites the steps of "determining a group to which the 
user belongs; determining the medium type and based on the determined group and the medium 
type, selecting an action ... usable to grant or deny access to the network." (emphasis added). 
Thus, claim 31 explicitly requires that the decision to grant or deny access be based on two 
independent factors - one being the determined group and the other being the determined 
medium type. 

Win discloses a method of granting or denying access to a network through the use of 
cookies. When a user first attempts to access the network, the user is required to enter a 
password and user name. (Win, col. 6, 11. 48-51). A server then places a "roles cookie" on the 
browser of the user's machine. (Id., col. 6, 11. 51-55). The roles cookie includes a list of the 
user's roles, which define the roles of the particular user, e.g. engineering, sales, marketing and 
the like. (Id., col. 10, 1. 67 and col. 5, 11. 28-39). Win further discloses the following with 
respect to granting and denying access to the network: 

If the resource is not a public resource, then a user is allowed access only if the 
user is authorized, as shown by state 320. In the preferred embodiment, state 320 
involves testing whether the request from browser 100 contains a "roles cookie" 
that can be decrypted, and the user has one or more roles, in a combination 
defined by an Access Rule. Each Access Rule is a Boolean expression of one or 
more roles. In an alternate embodiment, state 320 involves testing whether the 
user has at least one role needed to access the resource. If these conditions are 
satisfied, then the user is deemed authorized. If these conditions are not satisfied, 
the user does not have authorization and the Runtime Module returns a 
redirection to a pre-defined URL, as shown by state 322. Preferably, the pre- 
defined URL identifies a Web page that displays the message "Access 
Restricted," or an equivalent warning that informs the user that it cannot access 
the requested resource. 

(col. 8, 1. 56 - col. 9, 1. 5). 

Thus, Win discloses that the decision as to whether to grant or deny access to the network 
is based sojely. on the roles cookie. Nowhere does Win disclose, teach, or even remotely suggest 
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that the roles cookie includes any information concerning a medium type or even the step of 
determining the medium type. Accordingly, it follows that Win fails to disclose determining 
whether to grant or deny access based upon a determined medium type through which the user 
connects to the network. 

While not discussed with respect to the rejection of Claim 31, the Office Action asserts in 
its rejection of other claims that Win discloses determining whether a link is encrypted. For the 
reasons discussed below. Applicants disagree that the disclosure in Win concerning encryption 
has any bearing on the patentability of the pending claims. However, even assurning the 
assertions in the Office Action concerning encryption were true and further assuming such 
argument had been made with respect to claim 31 (which it was not), Win would not anticipate 
claim 31. The "medium type" recited in claim 31 would be understood by one of ordinary skill 
in the art as pertaining to physical properties of the communication path between the user and 
network (e.g. dial-up, DSL, and the like) as described, for example, on page 8 of Applicants' 
specification. In contrast, the disclosure in Win of encrypting data using Secure Sockets Layer 
("SSL") concerns the use of a protocol, not the physical properties of the connection as claimed. 

For the above reasons, Win does not anticipate claim 31 and the rejection should be 
withdrawn. 



JOiscassioini of the Rejections minder 35 U.S.C. S 103 
J. Claims 1,3-4,6-8, and 29. 

Claims 1. 3 - 4, 6 - 8, and 29 stand rejected under 35 U.S.C. § 103 as unpatentable over 
Win in view of Vilhuber. According to the Office Action, Win discloses all of the recited 
limitations except that "Win does not specifically disclose authorization parameter is used by the 
network access server where the NAS being interposed between the user and the resource." The 
Office further asserts, however, that such teaching is provided by Vilhuber. Applicants 
respectfully submit that the Office Action has not established a prima facie case of obvious 
because: (1) Win and Vilhuber fail to teach all of the recited claim limitations even when those 
references are combined, and (2) the Office Action has not established a suggestion or 
motivation to combine the Win and Vilhuber references. 

Independent claim 1 and corresponding dependent claims 3 - 4, and 6 - 8 recite a method 
wherein a user attempts to access the network over a network link. These claims further recite 
the steps of "determining a group to which the user belongs and evaluating the link to determine 
the characteristic of the link," and "based on the determined group and the determine 
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characteristic, selecting an authorization parameter . . . used by the network access server to grant 
or deny access to the resource." (emphasis added). Independent claim 29 recites a user 
attempting to access a network through a communication medium. Claim 29 further recites the 
steps of "determining a group to which the user belongs; determining the medium type and, 
based on the determined group and the medium ty^, selecting an action ... used by a network 
access server to grant or deny access to the network." (emphasis added). 

Win does not disclose, teach, or suggest that a decision on whether to grant or deny 
access is based on a determined characteristic of a link or a medium type. As discussed above, 
Win bases the decision on whether to grant or deny access based solely on the roles cookie 
embedded in the user's browser. The information in the roles cookie is entirely unrelated to the 
characteristic of the link or medium type through which the user accesses the network. 

The Office Action asserts, however, that Win does disclose determining the characteristic 
of a link indicating that: 

Win discloses in (col. 22, lines 49-53, 65-67 and col. 23, lines 1-12) where 
the link between servers are encrypted in order to ensure each transaction 
is secure and confidential. If secure link is not established between 
servers than no transaction will be performed. This is a teaching of 
determining of characteristic link. For example, Win Specifically 
discloses encrypted link in (fig. 1#109, col. 23, lines 26-29). 

Applicants agree that Win discloses the use of encryption as desirable "to ensure that 
transactions are not tampered with or altered in any way. ... Thus no one can intercept names, 
passwords, or cookies." (Win, col. 23, 11. 7-12). Applicants disagree, however, with the 
suggestion that Win discloses, teaches, or suggests that if a secure link is not established no 
transaction will be performed. Contrary to the assertion in the Office Action, transactions must 
occur between the user and the network absent a secure link because a secure link is not 
established until after the user and network server negotiate security parameters, e.g. 
cryptographic keys using a security protocol such as SSL. In short, the disclosure in Win 
concerning encryption simply states that using encrypted communications prevents a malicious 
user from eavesdropping and/or tampering with the information exchanged between the user and 
the network. Win does not disclose, teach or suggest that access to the network is predicated in 
any way on whether communications with a user are encrypted. The only basis disclosed in Win 
for determining whether to grant or deny access to a network resource is the roles cookie. 
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Moreover, even assuming arguendo that the assertions in the Office Action concerning 
encryption were correct, such disclosure would not render the claims obvious. Claim 1 recites 
that the characteristic of the link is determined and then the determined characteristic is used to 
grant or deny access to a resource on the network. In contrast, the Office Action asserts that if 
the communication is not encrypted, then no transaction is performed, i.e. encryption is used 
whether to grant or deny access to the overall network . Claim 29, like claim 31, recites 
determining whether to grant or deny access based upon a determined medium type, which 
limitation is again not addressed by the Office Action. For the same reasons discussed with 
respect to claim 31, Win fails to disclose, teach, or suggest determining a medium type or using 
the medium type to grant or deny access. 

Vilhuber discloses a user connected to a network through a network access server. 
(Vilhuber, Fig. 1). The network access server disclosed in Vilhuber controls access to a network 
through conventional means that require the user to enter a user name and password. (Id., col. 8, 
11. 8-19). Vilhuber does not disclose, teach, or even suggest basing a decision on whether to 
grant or deny access upon a determined characteristic of a link or medium type. Accordingly, 
Vilhuber and Win do not render the rejected claims obvious even when those references are 
combined. 

Finally, Applicants submit that the Office Action has not established that Win and 
Vilhuber can be properly combined. In this regard, the Office Action states as follows: 

It would have been obvious to a person of ordinary skill in the art to employ 
network access server, taught in Vilhuber with network access system disclosed in 
order to block off or secure against unauthorized user from entering the network. 
Having NAS to perform security functions such as password checking, source 
checking and security parameter checking relieves a resource computer from 
conducting security procedures which can be time consuming but most 
importantly security maybe breached. Further, NAS serves a security wall so that 
before any user tries to contact the resource computer directly, user must go 
through NAS first before entering a network thereby adding another layer of 
security to the system. 

Applicants respectfully submit that the asserted motivation to combine references reflects 
impermissible hindsight using Applicants' claims as a roadmap to reconstruct the invention 
recited therein. The possible sources for a motivation to combine references are: "the nature of 
the problem to be solved, the teachings of the prior art, and the knowledge of persons of ordinary 
skill in the art." In re Rouffet, 47 U.S.P.Q.2d 1453, 1458 (Fed. Cir. 1998). Regardless of which 
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source is used, however, the "factual inquiry whether to combine references ... must be based on 
evidence of record." i n re Lee, 61 U.S.P.Q.2d 1430 (Fed. Cir. 2002) (emphasis added). In this 
case, the Office Action provides a conclusory statement of motivation to combine that is 
unsupported by any evidence of record, i.e. a showing that the asserted motivation is stated 
within the references themselves or within the knowledge of one skilled in the art at the time of 
Applicants' invention. In fact, there is no motivation to combine because the entire disclosure 
of Win is dedicated to using distributed management among individual resources for detennining 
whether to grant or deny access. To modify Win as suggested by the Office Action would 
require a complete redesign and change the very principle of operation of the system disclosed 
therein. In such circumstances, there can be no motivation to combine references. See e.g. In re 
Raiti, 270F.2d 810 (C.C P.A. 1959); M.P.E.P. § 2143.01. 

In summary, Vilhuber and Win fail to disclose, teach, or suggest basing a decision on 
whether to grant or deny access upon a determined characteristic of a link or medium type, even 
when the teachings of those references are combined. Additionally, the Office Action has not 
established a motivation to combine Win and Vilhuber; i.e. the Office Action provides a 
conclusory statement without any factual support. Thus, a prima facie case of obviousness has 
not been established and Applicants request that the rejections be withdrawn. 

Claims 3-4, and 6-8 recite additional features that are not disclosed, taught, or suggested 
by the prior art. However, these need not be discussed herein because claims 3-4 and 6-8 depend 
from claim I and are patentable for the same reasons discussed above. 

2. Claims 5, 9, and 10. 

Claims 5, 9, and 10 stand rejected under 35 U.S.C. § 103 as unpatentable over Win in 
view of Vilhuber and further in view of Paxhia. Claims 5, 9, and 10 depend from claim 1. As 
discussed above, claim 1 requires determining both a group to which the user belongs and a 
characteristic of the link through which the user is connected to the network. The decision on 
whether to grant or deny access is then based upon both the determined group and the 
characteristic of the link. 

As further discussed above, neither Vilhuber nor Win disclose, teach, or suggest, basing a 
decision on whether to grant or deny access upon a determined characteristic of a link. Paxhia is 
cited by the Office Action because it allegedly discloses an override attribute. However, Paxhia 
likewise fails to disclose, teach, or suggest, basing an access determination on a determined 
characteristic of a link. Accordingly, Win, Vilhuber, and Paxhia do not teach the claimed 
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invention even when combined. Applicants further note that the Office Action has not 
established a motivation to combine for the same reasons previously discussed with respect to 
claim 1. For the above reasons, a prima facie case of obviousness has not been established and 
Applicants request that the rejection be withdrawn. 

3. Claims 30 and 32. 

Claims 30 and 32 stand rejected as unpatentable over Win in view of Official Notice. 
Independent claims 30 and 32 recite a user attempting to access a network through a dial up link. 
These claims further recite "determining a group to which the user belongs; determining the 
called number of the dial up link and, based on the determined group and the number, selecting 
an action . . . usable to grant or deny access to the network." 

Win does not disclose, teach, or suggest determining a called number or basing a decision 
on whether to permit access based on the determined number. The Office Action asserts that 
"Official notice is taken that dial up link is well known in the art. One of ordinary skill in the art 
would have been motivated to use called number because with dial up link user can be called 
back and offers convenient and cost efficient to access remote site." Even assuming arguendo 
that the stated assertion is true, the Office Action fails to establish a prima facie case of 
obviousness. The claims do not merely recite using a callback number. Rather, the claims recite 
determining the called number and then determining whether to grant or deny access based on 
the determined number, which feature is not disclosed, taught, or suggested by Win nor does the 
Official Notice even allege such feature as known within the art. This argument was also 
presented in Applicants' prior ROA, but was not addressed in the present Office Action. For the 
above reasons, a prima facie case of obviousness has not been established and Applicants request 
that the rejection be withdrawn. 
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CoacBuisioiBi 

The application is considered in good and proper form for allowance, and the Examiner is 
respectfully requested to pass this application to issue. If, in the opinion of the Examiner, a 
telephone conference would expedite the prosecution of the subject application, the Examiner is 
invited to call the undersigned attorney. 



Respectfully submitted, 




LEYDIG, VOIT & MAYER, LTD. 
Two Prudential Plaza, Suite 4900 
1 80 North Stetson Avenue 
Chicago, Illinois 60601-6780 
(312> 616-5600 (telephone) 



Date: May 6, 2004 




Amendment or ROA - Final (Revised 7/29/03) 
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